// 注册跟登录
const express = require("express");
const router = express.Router();
const bcrypt = require('bcrypt');//加密密码的插件
const gravatar = require('gravatar');//头像
const jwt = require('jsonwebtoken');//设置toke值
const keys = require('../../config/keys')
const passport = require('passport')

const User = require("../../moudels/User");

// 引入验证
const validateRegisterInput = require('../../validation/register')
const validateLoginInput = require('../../validation/login')

// $router GET api/users/test
// @desc 返回请求json数据
// @access public
router.get('/test', (req, res) => {
    res.json({ msg: "login works" });
})

// $router POST api/users/register
// @desc 返回请求json数据
// @access public
router.post('/register', (req, res) => {
    const {errors,isValid} = validateRegisterInput(req.body);
    // 判断isValid是否通过
    if (!isValid) {
        return res.status(400).json({errors})
    }
    // 查询数据库中是否拥有邮箱
    User.findOne({ email: req.body.email })
        .then((user) => {
            if (user) {
                return res.status(400).json({ email: "邮箱已被注册" })
            } else {
                const avatar = gravatar.url(req.body.email, {s: '200', r: 'pg', d: 'mm'});

                const newUser = new User({
                    name: req.body.name,
                    email: req.body.email,
                    avatar,
                    password: req.body.password
                })
                bcrypt.genSalt(10, function (err, salt) {
                    bcrypt.hash(newUser.password, salt, (err, hash) => {
                        // Store hash in your password DB.
                        if (err) throw err;
                        newUser.password = hash;
                        newUser.save()
                               .then((user) => {
                                    res.json(user)
                                })
                               .catch((err) => {
                                    console.log(err)
                                })
                    });
                });

            }
        })
})
// $router POST api/users/login
// @desc 返回token jwt passport
// @access public
router.post('/login',(req,res) =>{
    const email = req.body.email;
    const password = req.body.password;
    const {errors,isValid} = validateLoginInput(req.body);
    // 判断isValid是否通过
    if (!isValid) {
        return res.status(400).json({errors})
    }
    // 查询数据库
    User.findOne({email})
        .then((user) =>{
            if (!user) {
                return res.status(404).json({ email: "用户不存在" });
            }
            // 密码匹配
            bcrypt.compare(password, user.password)
                  .then(isMatch =>{
                      if (isMatch) {                    
                        //  jwt.sign("规则","加密名字","过期时间","箭头函数")
                        // 定义规则
                        const rule = {id:user.id,name:user.name}
                        jwt.sign(rule,keys.secretOrkey,{expiresIn:3600},(err,token) =>{
                            if(err) throw err;
                            res.json({
                                success:true,
                                token:"Bearer " + token
                            })
                        })
                        // res.json({ msg: "成功" });
                      }else{
                        return res.status(400).json({ password: "密码错误" }); 
                      }
                  })
        })
})
// $router GET api/users/current
// @desc return current user
// @access private
// router.get('/current','验证token',(req,res) =>{
//     res.json({msg:"成功"})
// })
router.get('/current',passport.authenticate('jwt',{session:false}),(req,res) =>{
    res.json({
        id:req.user.id,
        name:req.user.name,
        email:req.user.email
    })
})
module.exports = router